Five Things You Can't See on Your Network

How business practices have changed the risky activity on your network

IP addresses don't equate to users: Treating IP addresses as a proxy for users can similarly put an organization at risk. IT often relies on spreadsheets to track addresses and tie them to usernames. In one case, a company's spreadsheet indicated that a certain IP address belonged to a switch port, and so that port was grouped with other "management" devices and assigned a policy to use only relevant management applications. Imagine the confusion when policy violations abounded. By looking at detailed flows, they were able to identify the "sender" as a user, and not a switch. This situation could easily have created the possibility for duplicate IP addresses and network loops, for example, or for users to be incorrectly grouped and accidentally given access to sensitive financial data. With only IP addresses to go on, an organization truly has no idea who is doing what on the network.
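An added example (not from the article or from ConSentry): a time-aware join of flow records against login sessions, which attributes each flow to a user and flags addresses that a static spreadsheet lists as infrastructure. The addresses, usernames, timestamps and the session-log format are all constructed assumptions.

```python
from datetime import datetime

# Constructed sample data (not from the article).
# Static spreadsheet view: IP -> role IT believes the address has.
INVENTORY = {"10.0.5.20": "switch-port"}
# Login sessions (user, ip, start, end); assumed to come from network
# authentication or DHCP lease logs.
SESSIONS = [
    ("asmith", "10.0.5.20", "2024-03-01T08:55:00", "2024-03-01T12:30:00"),
    ("bjones", "10.0.5.20", "2024-03-01T13:05:00", "2024-03-01T17:45:00"),
    ("bjones", "10.0.7.31", "2024-03-02T09:00:00", "2024-03-02T17:00:00"),
]
# Flow records (timestamp, src_ip, dst_port, bytes).
FLOWS = [
    ("2024-03-01T09:10:00", "10.0.5.20", 443, 18400),
    ("2024-03-01T14:20:00", "10.0.5.20", 1521, 92000),
    ("2024-03-01T12:45:00", "10.0.5.20", 161, 300),
    ("2024-03-02T10:00:00", "10.0.9.9", 22, 1200),
]

def _t(stamp):
    return datetime.fromisoformat(stamp)

def user_for(ip, when, sessions=SESSIONS):
    """Return the user whose session held `ip` at `when`, or None."""
    hits = {u for u, sip, start, end in sessions
            if sip == ip and _t(start) <= when <= _t(end)}
    if len(hits) > 1:
        # Two users on one address at once: the duplicate-IP case.
        raise ValueError(f"overlapping sessions for {ip}: {sorted(hits)}")
    return hits.pop() if hits else None

def attribute(flows=FLOWS, sessions=SESSIONS, inventory=INVENTORY):
    """Attach a user to each flow and flag inventory contradictions."""
    rows = []
    for ts, src, port, nbytes in flows:
        user = user_for(src, _t(ts), sessions)
        role = inventory.get(src)
        rows.append({
            "ts": ts, "src": src, "dst_port": port, "bytes": nbytes,
            "user": user, "inventory_role": role,
            # A person logged in from an address listed as infrastructure.
            "inventory_conflict": user is not None and role is not None,
        })
    return rows

if __name__ == "__main__":
    for row in attribute():
        print(row)
```

The same address resolves to two different users on the same day and to nobody in between, which is why the lookup is keyed on address and time rather than address alone.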

Illegal downloads: Being able to tie media downloads to individuals is key not only to retain productivity (and server space!) but also to meet compliance needs. Any organization where such activity is happening ends up liable, and the MPAA and RIAA are adamant about enforcing copyright violations. Given the chance to link download traffic to a specific user, IT can go to that user and reiterate the Internet usage policies, possibly saving a friend's job or a student's enrollment.

The changes in business practices I mentioned previously are happening very quickly, and IT must be able to tie traffic to user names. This facility is critical for enforcing access policies, achieving enforcement, satisfying compliance demands, meeting industry audits, and ensuring employee productivity. That level of visibility in the LAN is essential for IT to control what users can do on the LAN, because you can't control what you can't see.

So for a variety of reasons (data protection, employee productivity, simplified IT operations, and perhaps someone's job), IT should look for ways to more clearly know the identity of the users on the LAN and the full range of applications in use. Whatever the mechanism, IT will reap many rewards from identity-based user and application control.

Jeff Prince is chairman and CTO of ConSentry Networks.
